From mboxrd@z Thu Jan  1 00:00:00 1970
From: Andrew Cooper <andrew.cooper3@citrix.com>
Subject: Re: [PATCH] x86/PV: properly populate descriptor tables
Date: Mon, 26 Oct 2015 14:55:27 +0000
Message-ID: <562E3EDF.5040502@citrix.com>
References: <5602E29802000078000A4EAF@prv-mh.provo.novell.com>
	<562E3C0B.5040908@citrix.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
Received: from mail6.bemta14.messagelabs.com ([193.109.254.103])
	by lists.xen.org with esmtp (Exim 4.72)
	(envelope-from <prvs=734a35e72=Andrew.Cooper3@citrix.com>)
	id 1ZqjBL-0001a7-99
	for xen-devel@lists.xenproject.org; Mon, 26 Oct 2015 14:55:31 +0000
In-Reply-To: <562E3C0B.5040908@citrix.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: David Vrabel <david.vrabel@citrix.com>, Jan Beulich <JBeulich@suse.com>, xen-devel <xen-devel@lists.xenproject.org>
Cc: Wei Liu <wei.liu2@citrix.com>, Keir Fraser <keir@xen.org>
List-Id: xen-devel@lists.xenproject.org

On 26/10/15 14:43, David Vrabel wrote:
> On 23/09/15 16:34, Jan Beulich wrote:
>> Us extending the GDT limit past the Xen descriptors so far meant that
>> guests (including user mode programs) accessing any descriptor table
>> slot above the original OS'es limit but below the first Xen descriptor
>> caused a #PF, converted to a #GP in our #PF handler. Which is quite
>> different from the native behavior, where some of such accesses (LAR
>> and LSL) don't fault. Mimic that behavior by mapping a blank page into
>> unused slots.
>>
>> While not strictly required, treat the LDT the same for consistency.
> This change causes a 32-bit userspace process running in a 32-bit PV
> guest to segfault.
>
> The process is a Go program and it is using the modify_ldt() system call
> (which is successful) but loading %gs with the new descriptor causes a
> fault.  Even a minimal (empty main()) go program faults.

D'uh - its obvious now you point it out.

By filling the shadow ldt slots as present, zero entries, we break their
demand-faulting.

We can't be safe to incorrect faults from LAR/LSL, *and* perform demand
faulting of the LDT.

Reverting hunk 2 for now is the best course of action.

~Andrew